use nettle_sys::{
aes256_ctx, nettle_aes256_decrypt, nettle_aes256_encrypt,
nettle_aes256_invert_key, nettle_aes256_set_decrypt_key,
nettle_aes256_set_encrypt_key,
};
use std::cmp::min;
use std::mem::zeroed;
use std::os::raw::c_void;
use crate::cipher::RawCipherFunctionPointer;
use crate::{cipher::Cipher, Error, Result};
pub struct Aes256 {
context: aes256_ctx,
}
impl Aes256 {
pub fn with_inverted_key(encrypt: &Self) -> Self {
let mut ctx = unsafe { zeroed() };
unsafe {
nettle_aes256_invert_key(
&mut ctx as *mut _,
&encrypt.context as *const _,
);
}
Aes256 { context: ctx }
}
}
impl Cipher for Aes256 {
const BLOCK_SIZE: usize = ::nettle_sys::AES_BLOCK_SIZE as usize;
const KEY_SIZE: usize = ::nettle_sys::AES256_KEY_SIZE as usize;
fn with_encrypt_key(key: &[u8]) -> Result<Aes256> {
if key.len() != Aes256::KEY_SIZE {
return Err(Error::InvalidArgument { argument_name: "key" });
}
let mut ctx = unsafe { zeroed() };
unsafe {
nettle_aes256_set_encrypt_key(&mut ctx as *mut _, key.as_ptr());
}
Ok(Aes256 { context: ctx })
}
fn with_decrypt_key(key: &[u8]) -> Result<Aes256> {
if key.len() != Aes256::KEY_SIZE {
return Err(Error::InvalidArgument { argument_name: "key" });
}
let mut ctx = unsafe { zeroed() };
unsafe {
nettle_aes256_set_decrypt_key(&mut ctx as *mut _, key.as_ptr());
}
Ok(Aes256 { context: ctx })
}
fn encrypt(&mut self, dst: &mut [u8], src: &[u8]) {
unsafe {
nettle_aes256_encrypt(
&mut self.context as *mut _,
min(src.len(), dst.len()),
dst.as_mut_ptr(),
src.as_ptr(),
)
};
}
fn decrypt(&mut self, dst: &mut [u8], src: &[u8]) {
unsafe {
nettle_aes256_decrypt(
&mut self.context as *mut _,
min(src.len(), dst.len()),
dst.as_mut_ptr(),
src.as_ptr(),
)
};
}
fn context(&mut self) -> *mut c_void {
((&mut self.context) as *mut aes256_ctx) as *mut c_void
}
fn raw_encrypt_function() -> RawCipherFunctionPointer {
RawCipherFunctionPointer::new(nettle_aes256_encrypt)
}
fn raw_decrypt_function() -> RawCipherFunctionPointer {
RawCipherFunctionPointer::new(nettle_aes256_decrypt)
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn set_key() {
let key = &(b"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x10\x11\x12\x13\x14\x15\x16\x01\x02\x03\x04\x05\x06\x07\x08\x09\x10\x11\x12\x13\x14\x15\x16"[..]);
let _ = Aes256::with_encrypt_key(key).unwrap();
let _ = Aes256::with_decrypt_key(key).unwrap();
}
#[test]
fn round_trip() {
let key = vec![
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10, 0x11,
0x12, 0x13, 0x14, 0x15, 0x16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x07, 0x08, 0x09, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
];
let input = vec![
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10, 0x11,
0x12, 0x13, 0x14, 0x15, 0x16,
];
let mut cipher = vec![0; 16];
let mut output = vec![0; 16];
let mut enc = Aes256::with_encrypt_key(&key).unwrap();
let mut dec = Aes256::with_decrypt_key(&key).unwrap();
enc.encrypt(&mut cipher, &input);
dec.decrypt(&mut output, &cipher);
assert_eq!(output, input);
}
#[test]
fn round_trip_invert() {
let key = vec![
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10, 0x11,
0x12, 0x13, 0x14, 0x15, 0x16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x07, 0x08, 0x09, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
];
let input = vec![
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10, 0x11,
0x12, 0x13, 0x14, 0x15, 0x16,
];
let mut cipher = vec![0; 16];
let mut output = vec![0; 16];
let mut enc = Aes256::with_encrypt_key(&key).unwrap();
let mut dec = Aes256::with_inverted_key(&enc);
enc.encrypt(&mut cipher, &input);
dec.decrypt(&mut output, &cipher);
assert_eq!(output, input);
}
}